package cn.wolfcode.ss.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

// @RestController
@RequestMapping("depts")
public class DepartmentController_ann_perm {
    // spring的 --SpEl表达式
    // @PreAuthorize("hasAuthority('dept:insert')")
    @PreAuthorize("hasAnyRole('dept_mgr','hr')")
    @GetMapping("insert")
    public String insert(){
        return "dept-insert";
    }

    // @PreAuthorize("hasAuthority('dept:update')")
    @PreAuthorize("hasAnyRole('dept_mgr','hr')")
    @GetMapping("update")
    public String update(){
        return "dept-update";
    }

    // @PreAuthorize("hasAuthority('dept:delete')")
    @PreAuthorize("hasRole('hr')")
    @GetMapping("delete")
    public String delete(){
        return "dept-delete";
    }

    @PreAuthorize("hasRole('hr')")
    @GetMapping("list")
    public String list(){
        return "dept-list";
    }
}
